Juan Lang : crypt32: Set CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS when a certificate' s name constraints are met.
Alexandre Julliard
julliard at winehq.org
Mon Nov 16 11:43:52 CST 2009
Module: wine
Branch: master
Commit: c4b997bab3d530339c89370cda337f8b3e415129
URL: http://source.winehq.org/git/wine.git/?a=commit;h=c4b997bab3d530339c89370cda337f8b3e415129
Author: Juan Lang <juan.lang at gmail.com>
Date: Thu Nov 12 17:05:07 2009 -0800
crypt32: Set CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS when a certificate's name constraints are met.
---
dlls/crypt32/chain.c | 8 ++++++--
dlls/crypt32/tests/chain.c | 10 ++++++----
2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index eb6d757..17471d5 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -815,8 +815,12 @@ static void CRYPT_CheckChainNameConstraints(PCERT_SIMPLE_CHAIN chain)
CRYPT_CheckNameConstraints(nameConstraints,
chain->rgpElement[j]->pCertContext->pCertInfo,
&errorStatus);
- chain->rgpElement[i]->TrustStatus.dwErrorStatus |=
- errorStatus;
+ if (errorStatus)
+ chain->rgpElement[i]->TrustStatus.dwErrorStatus |=
+ errorStatus;
+ else
+ chain->rgpElement[i]->TrustStatus.dwInfoStatus |=
+ CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS;
}
}
}
diff --git a/dlls/crypt32/tests/chain.c b/dlls/crypt32/tests/chain.c
index be3a0bd..e48dba3 100644
--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@@ -2927,7 +2927,8 @@ static CONST_DATA_BLOB chain19[] = {
static const CERT_TRUST_STATUS elementStatus19[] = {
{ CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT,
- CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER },
+ CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER |
+ CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS },
};
static const SimpleChainStatusCheck simpleStatus19[] = {
{ sizeof(elementStatus19) / sizeof(elementStatus19[0]), elementStatus19 },
@@ -2951,7 +2952,8 @@ static CONST_DATA_BLOB chain21[] = {
static const CERT_TRUST_STATUS elementStatus21[] = {
{ CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT,
- CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER },
+ CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER |
+ CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS },
};
static const SimpleChainStatusCheck simpleStatus21[] = {
{ sizeof(elementStatus21) / sizeof(elementStatus21[0]), elementStatus21 },
@@ -3257,7 +3259,7 @@ static ChainCheck chainCheck[] = {
CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT,
CERT_TRUST_HAS_PREFERRED_ISSUER | CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS
},
- { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 },
+ { CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS },
1, simpleStatus19 },
0 },
/* Older versions of crypt32 do not set
@@ -3278,7 +3280,7 @@ static ChainCheck chainCheck[] = {
CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT,
CERT_TRUST_HAS_PREFERRED_ISSUER | CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS
},
- { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 },
+ { CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS },
1, simpleStatus21 },
0 },
{ { sizeof(chain22) / sizeof(chain22[0]), chain22 },
More information about the wine-cvs
mailing list